package com.qingxin.sys.action;

import java.util.Set;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import com.qingxin.sys.entity.LoginUser;
import com.qingxin.sys.service.SysPermissionService;
import com.qingxin.sys.support.SystemCfg;
import com.qingxin.sys.utils.StringUtils;

/**
 * 登录处理
 * @author Administrator
 *
 */
@Controller
public class LoginAction extends BaseAction {
	
	@Autowired
	private SysPermissionService sysPermissionService;

	
	/**
	 * 登录页
	 * @param model
	 * @param request
	 * @param response
	 * @return
	 */
//	@RequestMapping(value="/login.do", method=RequestMethod.GET)
//	public String login(ModelMap model, HttpServletRequest request, HttpServletResponse response) {
//		LoginUser loginUser = getLoginUser(request);
//		if(loginUser != null){
//			return "redirect:/sys/index.do";
//		}
//		return "redirect:/sys/login.do";
//	}
//	
//	
//	/**
//	 * 登录页
//	 * @param model
//	 * @param request
//	 * @param response
//	 * @return
//	 */
//	@RequestMapping(value="/sys/login.do", method=RequestMethod.GET)
//	public String sys_login(ModelMap model, HttpServletRequest request, HttpServletResponse response) {
//		LoginUser loginUser = getLoginUser(request);
//		if(loginUser != null){
//			return "redirect:/sys/index.do";
//		}
//		return "sys/login";
//	}
//	
//	
//	/**
//	 * 登录处理
//	 * @param model
//	 * @param captcha
//	 * @param request
//	 * @return
//	 */
//	@RequestMapping(value="/sys/login.json", method=RequestMethod.POST)
//	@ResponseBody
//	public Object sys_login(ModelMap model, String captcha, @RequestHeader(value="qxlogin", required=false)String qxlogin, HttpServletRequest request) {
//		if(StringUtils.isEmpty(captcha) || StringUtils.isEmpty(qxlogin)){
//			return new SysError("登录信息无效");
//		}
//		String loginname = null;
//		String passwd = null;
//		
//		try {
//			QxLogin qxLogin = new QxLogin(qxlogin);
//			loginname = qxLogin.getLoginname();
//			passwd = qxLogin.getPasswd();
//		} catch (Exception e) {
//			e.printStackTrace();
//			return new SysError("登录信息无效");
//		}
//		
//		if(StringUtils.isEmpty(loginname) || StringUtils.isEmpty(passwd) || !loginname.matches("^[0-9A-Za-z]{4,20}$")){
//			return new SysError("登录信息无效");
//		}
//		
//		String serverCaptcha = (String) request.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY);
//		if(StringUtils.isEmpty(serverCaptcha) || !serverCaptcha.equalsIgnoreCase(captcha)){
//			return new SysError("captcha", "验证码错误");
//		}
//		
//		SysUser sysUser = sysUserService.getByProperty("login_name", loginname);
//		if(sysUser == null){
//			return new SysError("登录信息错误.");
//		}
//		passwd = StringUtils.md5(passwd+sysUser.getSalt());
//		if(!sysUser.getPassword().equalsIgnoreCase(passwd)){
//			return new SysError("登录信息错误.");
//		}
//		
//		LoginUser loginUser = new LoginUser();
//		loginUser.setUserid(sysUser.getUserid());
//		loginUser.setLogin_name(sysUser.getLogin_name());
//		loginUser.setUser_type(sysUser.getUser_type());
//		loginUser.setUser_status(sysUser.getUser_status());
//		
//		if(!SystemCfg.isAdminUser(loginUser)){
//			if(!"1".equals(sysUser.getUser_status())){
//				return new SysError("该账号已停用，不能登录. 请联系系统管理员解决该问题.");
//			}
//		}
//		
//		request.getSession().setAttribute(SystemCfg.SESSION_LOGIN_USERID, loginUser.getUserid());
//		
//		return "{\"code\":200}";
//	}
//	
//	
//	/**
//	 * 注销处理
//	 * @param request
//	 * @param response
//	 * @return
//	 */
//	@RequestMapping(value="/sys/logout.do", method=RequestMethod.GET)
//	public String sys_logout(HttpServletRequest request, HttpServletResponse response) {
//		request.getSession().removeAttribute(SystemCfg.SESSION_LOGIN_USERID);
//		
//		return "redirect:/sys/login.do";
//	}
//	
//	
//	
//	/**
//	 * 首页
//	 * @param model
//	 * @param request
//	 * @return
//	 */
//	@RequestMapping(value="/sys/index.do", method=RequestMethod.GET)
//	public String sys_index(ModelMap model, HttpServletRequest request){
//		LoginUser loginUser = getLoginUser(request);
//		model.put("loginUser", loginUser);
//		
//		return "sys/index";
//	}
	
	
	
	/**
	 * 会话超时时显示页面
	 * @param model
	 * @param request
	 * @param response
	 * @return
	 */
	@RequestMapping(value="/public/timeout.do", method=RequestMethod.GET)
	public String timeout(ModelMap model, HttpServletRequest request, HttpServletResponse response) {
		
		String login_kind = (String) request.getSession().getAttribute("login_kind");
		if(login_kind == null){
			login_kind = "admin";
		}
		return "redirect:/"+login_kind+"/login.do";
		//return "sys/error/timeout";
		//return "redirect:/admin/login.do";
	}
	
	
	/**
	 * 没有权限导致拒绝操作时显示页面
	 * @param model
	 * @param request
	 * @param response
	 * @return
	 */
	@RequestMapping(value="/refused.do", method=RequestMethod.GET)
	public String refused(ModelMap model, HttpServletRequest request, HttpServletResponse response){
		//return "sys/error/refused";
		return "sys/error/refused";
	}
	
	
	/**
	 * 验证是否已经登录，如果该方法调用成功说明已经登录
	 * @param request
	 * @param response
	 * @return
	 */
	@RequestMapping(value="/isLogin.json", method=RequestMethod.GET)
	@ResponseBody
	public Object isLogin(HttpServletRequest request, HttpServletResponse response) {
		return "1";
	}
	
	
	/**
	 * 判断当前用户是否可以访问指定的权限
	 * 
	 * @param code 权限编号
	 * @param request
	 * @return 可以访问返回1，否则返回0
	 */
	@RequestMapping(value="/isCanAccessPerm.json", method=RequestMethod.GET)
	@ResponseBody
	public String isCanAccessPerm(String code, HttpServletRequest request){
		if(StringUtils.isEmpty(code)){
			return "0";
		}
		LoginUser loginUser = getLoginUser(request);
		if(loginUser==null){//没有登录
			return "0";
		}
		if(SystemCfg.isAdminUser(loginUser) || SystemCfg.isSystemAdminUser(loginUser)){
			return "1";
		}
		Set<String> rights = sysPermissionService.getUserPermissionCodes(loginUser.getUserid());
		if(rights.contains(code.toUpperCase())){
			return "1";
		}
		return "0";
	}
	
	
	
}
